SSL at GNOME

Certificates are managed differently based on their issuer:

  1. Gandi - certificates.git on puppet-back

  2. Let's Encrypt - /srv/letsencrypt on puppet-back

Cloning the certificates.git should happen on the target machine itself:

ssh puppet-back
git clone /git/certificates.git

The list of the domains we cover via SSL will follow.

Gandi

  1. *.gnome.org
  2. bugzilla.gnome.org
  3. bugzilla-attachments.gnome.org
  4. *.bugzilla-attachments.gnome.org
  5. bugzilla-test.gnome.org
  6. bugzilla-attachments-test.gnome.org
  7. *.bugzilla-attachments-test.gnome.org
  8. id.gnome.org
  9. *.id.gnome.org
  10. status.gnome.org
  11. account.gnome.org

Let's Encrypt

  1. gnome.org
  2. git.gnome.org
  3. l10n.gnome.org
  4. meetbot.gnome.org
  5. nagios.gnome.org
  6. build.gnome.org
  7. progress.gnome.org
  8. blogs.gnome.org
  9. www.gnome.org
  10. sdk.gnome.org
  11. odrs.gnome.org
  12. jabber.gnome.org
  13. conference.gnome.org
  14. smtp.gnome.org
  15. restaurant.gnome.org
  16. guadec.org
  17. ${year}.guadec.org

Seventh SSL Certificate

  1. gtk.org
  2. blog.gtk.org

Sysadmin/SSL (last edited 2016-11-05 16:52:33 by AndreaVeri)